theevilbit / Shield
An app to protect against process injection and suspicious file links on macOS
☆218Updated 3 years ago
Alternatives and similar repositories for Shield:
Users that are interested in Shield are comparing it to the libraries listed below
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆251Updated 5 months ago
- File Monitor Library (based on Apple's new Endpoint Security Framework)☆336Updated 2 years ago
- Mapping XProtect's obfuscated malware family names to common industry names.☆83Updated 9 months ago
- Process Monitor Library (based on Apple's new Endpoint Security Framework)☆436Updated last year
- A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework☆176Updated 5 months ago
- And open-source version of % sfltool dumpbtm☆117Updated last year
- This is a work-in-progress command line tool for reversing run-only AppleScripts. It will help parse the output of applescript-disassembl…☆65Updated 4 years ago
- process info/monitoring library for macOS☆417Updated 3 years ago
- Secure example of an XPC helper written in Swift☆103Updated 4 years ago
- A user-mode application authorization system for MacOS written in Swift☆301Updated 4 years ago
- WhatsYourSign adds a menu item to Finder.app. Simply right-, or control-click on any file to display its cryptographic signing informatio…☆313Updated 2 months ago
- Various scripts for macOS tasks☆120Updated 3 months ago
- A module to expose the Endpoint Security library to Swift☆20Updated 5 years ago
- Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…☆72Updated last year
- A simple run-only applescript disassembler☆117Updated 2 years ago
- Scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked.☆86Updated last year
- example project, utilizing Proc Info library☆68Updated 3 years ago
- Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…☆93Updated 2 years ago
- checks if an application is pristine (untampered) and from the official Mac App Store☆71Updated 3 years ago
- View all modules on that are loaded in the OS kernel☆69Updated last year
- View and remove notification messages from Apple's "Notification Database"☆100Updated 3 years ago
- Every Apple Platform Security Guide☆159Updated 5 months ago
- macOS application that makes use of the EndpointSecurity framework☆19Updated 5 years ago
- Visually explore all running tasks (processes) ....viewing its signature status, loaded dylibs, open files, network connection, and much …☆90Updated 3 years ago
- This is a complete Xcode project of the Endpoint Security Demo gist: https://gist.github.com/Omar-Ikram/8e6721d8e83a3da69b31d4c2612a68ba☆19Updated 3 weeks ago
- Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedri…☆119Updated 4 years ago
- Dotfiles and scripts to configure macOS the way I like it. Caveat emptor 😉🔥☆35Updated last week
- Network Monitor☆326Updated 3 months ago
- macOS Endpoint Security Message Analysis Tool☆45Updated 2 years ago
- Notifies the user when macOS Security components like Gatekeeper and XProtect have been updated☆60Updated 3 years ago